Ounce Labs released a valuable resource for everybody involved in the Software Security business. “Software Security Assurance: A Framework for Software Vulnerability Management and Audit” is more than a framework, it’s a call to action driven by the need for better understanding of roles and responsibilities in software security assurance.

Metasploit is pleased to announce the immediate, free availability of the Metasploit Framework version 3.

SANS released a paper on Web Applications Audit. It’s more of a guide to low hanging fruit website assessment, but still is a good resource . The article begins with setting up , adjusting and configuring the tool arsenal and then walks the reader trough implementation and conclusions.

The Open Web Application Security Project (OWASP) is dedicated to finding and fighting the causes of insecure software. Everything here is free and open source. OWASP has released the Security Testing Guide v2 .At 270 pages, this guide is already a must-have for most developers and penetration/application testers, but we want to take it one [...]